mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-09-11 15:08:33 +01:00
Code Issues Wiki Activity

envoy: flag as vulnerable to CVE-2024-30255

Browse source 
Envoy 1.27.4 [0] contains the fix but upgrading it is
not straightforward as the build of the current version
is already broken and only thanks to the caching of the deps
(seems to be the case since the removal of Go 1.20).

Fixing the build seems to require more Bazel knownledge than I have
and the the usual maintainer is currently not available.

[0] https://github.com/envoyproxy/envoy/releases/tag/v1.27.4
This commit is contained in:
Thomas Gerbet 2024-04-10 22:43:57 +02:00
parent ddcd5f2762
commit bc4dc452fa
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pkgs/servers/http/envoy/default.nix
View file

@ -197,5 +197,6 @@ buildBazelPackage {
license = licenses.asl20;
maintainers = with maintainers; [ lukegb ];
platforms = [ "x86_64-linux" "aarch64-linux" ];
knownVulnerabilities = [ "CVE-2024-30255" ];
};
}